class ApplicationController < ActionController::Base
  protect_from_forgery
  private
  def authorize
    ticket = get_ticket
    if ticket == nil
      require_login
    else
      check_ticket ticket
    end
  end

  def get_ticket
    ticket = params.key?(:ticket) ? params[:ticket] : nil
    if ticket == nil 
      ticket = session[:ticket] ? session[:ticket] : nil
    end
    ticket
  end

  def require_login
    redirect_to 'http://g.cn'
    false
  end

  def check_ticket ticket
    super_ticket = '123456789'
    if not super_ticket == ticket
      render :text => 'bad ticket'
      false
    end
  end

end
